IPMediumSignal 100/100

`80.82.77.144`

Location

Netherlands

Amsterdam, Noord-Holland

ASN

AS202425

IP Volume inc

First Seen

Aug 26, 2020

Last Seen

Feb 23, 2026

Aug 26

First Seen

2125d ago

Feb 23

Last Seen

119d ago

Reports

source reports

99%

Confidence

medium

Found in 34 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

IPv4 Address

Network layer indicator observed in threat reports.

MISP Category

Network Activity

Confidence

99%

Signal Score

100 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

90 techniques

Network Information

Country

Netherlands

RegionAmsterdam, Noord-Holland

ASNAS202425

OrganizationIP Volume inc

IP Category

⟲

Proxy

Proxy server

Feed Intelligence Summary

34 reports99% confidence

Source reports

99%

Confidence score

Category tags

abuseabuse detectionabusive ipaccess controlaccount compromiseackack scanactive scanningadbadb protocolaerospace & defenseandroid devicesanomalous network connectionsapacheapache attackeraptasiaattachment phishingattackaustraliaauto-generated securityautomated emailbad web botbankingbase64base64 encodingbecblacklist candidateblacklist ipblacklisted ipblock listblock.txtbotnetbotnet activitybrute forcebrute force attackbrute force attacksbrute force attemptbrute force attemptsbulk emailc&cc2certchina mobilecode executioncolumnscommand and controlcommand executioncommand injectioncommand injection attemptcommunication protocolcommunication securitycommunication technologiescompany limitedcompromised hostcompromised systemconnect scanconsumer goodscowrie honeypotcowrie interactionscowrie ssh attackscredential accesscredential attackcredential brute-forcingcredential harvestingcredential phishingcredential stuffingcredential theftcredit card servicescvedaily_sourcesdata encryptiondata exfiltrationdata exfiltration attemptdatabase attacksdatabase securityddosddos attackddos attacksddos probedecoy systemdefensedefense contractingdefense logisticsdefense systemsdefense technologydenial of servicedenial-of-service attemptdionaea activitydionaea honeypotdionaea interactionsdionaea malware samplesdionaea payloadsdirectory traversal attemptdirectory traversal probedistributed attacksdnsdropperdropper activityenumerationeuropeexploitexploit attemptexploit attemptsexploit probingexploit targetingexploitationexploitation attemptexploitation attemptsexploitation of vulnerabilityexploited hostexternal scanexternal threatfailed login attemptsfattfatt analysisfatt detectionsfatt signaturesfinfin port scanfin scanfinancefinancial servicesfinancial technologyfinlandfirewall detectionfirewall detection probefirewall evasionfrancefraudfraud detectionfraud voipftpftp attackftp attacksftp brute forcegermanyhackinghk abusehandlerhoneynet connecthoneytrap activityhoneytrap eventshoneytrap exploit attemptshoneytrap honeypothoneytrap interactionshong konghttp attackhttp brute forcehttp probinghttp request anomalieshttp scannerhttpshurricane usicmpimapindicatorindicators of compromiseinfected systeminformation gatheringinformation technologyinfrastructure acquisitionreconnaissanceinfrastructure discoveryinitial accessinjection attacksinternal scaninternet of thingsinternet-facingintrusion detectioniociot botnetiot exploitationiot/ics attackipqsipv4it infrastructurelateral movementlogin attemptmailoney activitymailoney eventsmailoney honeypotmailoney interactionsmaimon scanmalicious activitymalicious file transfermalicious scanmalicious softwaremalicious trafficmalwaremalware analysismalware behaviourmalware capturemalware deliverymalware delivery attemptmalware distributionmalware distribution sourcemalware downloadmalware droppermalware propagationmanualmass port scanningmass scanningmasscanmasscan activitymediamilitary operationsmirai botnetmobilemobile carriersmobile networksmobile securitymssqlnational securitynetherlandsnetworknetwork attacksnetwork discoverynetwork enumerationnetwork intrusionnetwork intrusion attemptsnetwork intrusion detectionnetwork mappingnetwork probenetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork traffic analysisnetwork-based attack attemptsnlnmapnmap scannmap scan detectednorth americanull port scannull scanoceaniaopen port detectionopen port identificationopen portsopenporsts_com-benignos detectionos fingerprintingos fingerprinting attemptp0fp0f network fingerprintingp0f passive fingerprintingp0f signaturespasswordpassword attackpassword attackspassword theftpayment fraudpayment processingpgp signphishingphishing attackphishing campaignphishing trapping of deathpolandpossible botnet activitypossible malicious activitypossible malware distributionpossible reconnaissancepossible vulnerability probingpossible vulnerability scanningpotential exploit targetingpotential intrusion attemptpotential reconnaissance activitypotential threat activitypotential vulnerability assessmentpotential vulnerability probingpotential vulnerability scanprice requestprice request scamprobing activityprocess injectionprotocol exploitationproxyproxy detectionproxy protocolrdp attacksreconnaissancereconnaissance activityremote accessremote access attackremote servicesresearchedresource hijackingretail tradescanscannerscanner activityscanning activityschedule themescheduled task abusescripting attackssecurity eventsecurity operationssecurity policysensor-taggedsentrypeer activitysentrypeer botnetsentrypeer eventssentrypeer interactionsserver exploitationservice detectionservice discoveryservice enumerationservice probingservice version detectionsip attackssmtpsmtp attacksmtp attackssmtp brute forcesmtp probingsmtp scanningsocial engineeringsocradarsoftware developmentsoftware exploitationspam sourcesql injectionsql injection attemptsql injection probessh attackssh attacksssh monitoringstealth scanstealth scan techniquessuricata alertssweep scansynsyn port scansyn scant-pott1003t1003.001t1005t1016t1016.001t1018t1020t1021t1021.001t1021.002t1021.003t1027t1040t1046t1047t1048t1053t1055t1056t1059t1059.003t1059.004t1059.007t1064t1065t1068t1071t1071.001t1076t1077t1078t1078.001t1078.002t1078.004t1083t1087t1087.001t1087.002t1087.003t1110t1110.001t1110.002t1110.003t1110.004t1133t1134t1187t1189t1190t1192t1195t1202t1203t1213t1486t1496t1497t1497.001t1499.001t1499.002t1499.003t1505t1505.002t1555t1562t1563t1565t1566t1566.001t1566.002t1566.003t1567.001t1572t1583t1587.001t1588t1588.002t1588.006t1589t1589.002t1590t1590.001t1590.002t1592t1595t1595.001t1595.002t1595.003t1598t1598.003tannertanner activitytanner eventstanner interactionstariff server compromisetariff server themetariffs servertcp protocoltcp scantcp scanningtelecom servicestelecommunicationstelnet attackstelnet threatthreat actorthreat actor activitythreat detectionthreat intelligencethreat intelligence feedthreat preventiontimeouttop10.txttopips.txttor exit nodetpottsecudp port scanudp scanunauthorized accessunauthorized access attemptunauthorized login attemptunauthorized probingunauthorized scanningunited statesus noneverified-benignvnc protocolvoipvoip attackvpn detectionvulnerability scanwealth managementweb application attackweb application attacksweb attackweb exploitationweb shell attemptweb shell detectionweb spamweb trafficwetransfer abusewindow scanxmasxmas port scanxmas scanzmap

Activity Timeline

1 total obs

Feb 23Feb 23

Threat Activity Heatmap

· Peak: 2026-02-23

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Dormant

Threat ScoreHigh Risk

100

SIGNAL

Signal Score

99%

Confidence

Reports

First seenAug 26, 2020

Last seenFeb 23, 2026

GeolocationNL

CountryNetherlands

LocationAmsterdam, Noord-Holland

ASNAS202425

OrgIP Volume inc

Coords52.3716, 4.8883

Proxy

VirusTotal

Not checked

WHOIS

description: Observed on T-Pot within last 24h; sensors=p0f; threshold?1; private IPs excluded.
raw: inetnum: 80.82.77.0 - 80.82.77.255 netname: NET-1-77 descr: IPV NETBLOCK country: NL geoloc: 52.370216 4.895168 org: ORG-IVI1-RIPE admin-c: IVI24-RIPE tech-c: IVI24-RIPE status: ASSIGNED PA mnt-by: IPV mnt-lower: IPV mnt-routes: IPV created: 2013-04-26T10:57:52Z last-modified: 2019-02-01T18:30:06Z source: RIPE organisation: ORG-IVI1-RIPE org-name: IP Volume inc country: SC org-type: OTHER address: Seychelles abuse-c: IVNO1-RIPE mnt-ref: IPV mnt-by: IPV created: 2018-05-14T11:46:50Z last-modified: 2023-09-08T14:13:20Z source: RIPE # Filtered role: IPV address: BZ nic-hdl: IVI24-RIPE mnt-by: IPV created: 2018-05-16T13:28:41Z last-modified: 2023-09-08T14:14:36Z source: RIPE # Filtered route: 80.82.77.0/24 origin: AS202425 remarks: +----------------------------------------------- remarks: | For abuse e-mail [email protected] remarks: | We do not always reply to abuse. remarks: | But we do take care your report is dealt with! remarks: +----------------------------------------------- mnt-by: IPV created: 2019-02-01T18:35:24Z last-modified: 2019-02-01T18:35:24Z source: RIPE
references: https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt, https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt, http://cinsscore.com/list/ci-badguys.txt

`80.82.77.144`

MITRE ATT&CK TTPs

Network Information

IP Category

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey